return instance;
}
-void TrustZoneContext::generateIV(uint32_t ivSize, RawBuffer& iv)
+void TrustZoneContext::generateIV(RawBuffer& iv)
{
// command ID = CMD_GENERATE_IV
//
// IV generation is a simple call - no need to serialize data
// just provide the output buffer with size equal to iv.
+ uint32_t ivSize = Params::DEFAULT_AES_IV_LEN;
TrustZoneMemory ivMemory(m_Context, ivSize, TEEC_MEM_OUTPUT);
TEEC_Operation op;
const RawBuffer &pwd,
const RawBuffer &iv,
const uint32_t keySizeBits,
- const uint32_t pwdTagSizeBits,
RawBuffer &keyId,
RawBuffer &pwdTag)
{
memset(&bufSize, 0, sizeof(KM_BufferSizeDesc));
bufSize.out_size = KM_KEY_ID_SIZE;
- bufSize.tag_size = pwdTagSizeBits / 8;
+ bufSize.tag_size = Params::DEFAULT_AES_GCM_TAG_LEN_BYTES;
uint32_t keyMemorySize = KM_CalcBufferSize(bufSize);
TrustZoneMemory keyMemory(m_Context, keyMemorySize, TEEC_MEM_OUTPUT);
ret = KM_ParamsSerializePwdData(input, pwd.data(), pwd.size(), iv.data(), iv.size(),
nullptr, 0, Params::DERIVED_KEY_LENGTH_BITS,
- Params::DERIVED_KEY_ITERATIONS, pwdTagSizeBits);
+ Params::DERIVED_KEY_ITERATIONS, bufSize.tag_size * 8);
if (ret) {
ThrowErr(Exc::Crypto::InternalError, "Failed to serialize password data for TZ crypto operation: ", ret);
}
const RawBuffer &key,
const RawBuffer &pwd,
const RawBuffer &iv,
- const uint32_t keySizeBits,
- const uint32_t pwdTagSizeBits,
RawBuffer &keyId,
RawBuffer &pwdTag)
{
memset(&bufSize, 0, sizeof(KM_BufferSizeDesc));
bufSize.out_size = KM_KEY_ID_SIZE;
- bufSize.tag_size = pwdTagSizeBits / 8;
+ bufSize.tag_size = Params::DEFAULT_AES_GCM_TAG_LEN_BYTES;
uint32_t keyMemorySize = KM_CalcBufferSize(bufSize);
TrustZoneMemory keyMemory(m_Context, keyMemorySize, TEEC_MEM_OUTPUT);
if (!pwd.empty()) {
ret = KM_ParamsSerializePwdData(input, pwd.data(), pwd.size(), iv.data(), iv.size(),
nullptr, 0, Params::DERIVED_KEY_LENGTH_BITS,
- Params::DERIVED_KEY_ITERATIONS, pwdTagSizeBits);
+ Params::DERIVED_KEY_ITERATIONS, bufSize.tag_size * 8);
if (ret) {
ThrowErr(Exc::Crypto::InternalError, "Failed to serialize key data for import: ", ret);
}
op.paramTypes = TEEC_PARAM_TYPES(TEEC_VALUE_INOUT, TEEC_MEMREF_WHOLE,
TEEC_MEMREF_WHOLE, TEEC_NONE);
op.params[0].value.a = algo;
- op.params[0].value.b = keySizeBits;
+ op.params[0].value.b = key.size() * 8;
op.params[1].memref.parent = inMemory.Get();
op.params[1].memref.offset = 0;
op.params[1].memref.size = inMemory.Get()->size;
if (!pwd.empty()) {
KM_TagData* tagData = nullptr;
- uint32_t pwdTagSizeBytes = pwdTagSizeBits / 8;
ret = KM_ParamsDeserializeTagData(output, &tagData);
if (ret) {
ThrowErr(Exc::Crypto::InternalError, "Failed to deserialize imported key's tag");
}
- if (tagData == nullptr || tagData->data_size != pwdTagSizeBytes) {
+ if (tagData == nullptr || tagData->data_size != bufSize.tag_size) {
ThrowErr(Exc::Crypto::InternalError, "Deserialized incorrect key tag");
}
- pwdTag.resize(pwdTagSizeBytes);
- memcpy(pwdTag.data(), tagData->data, pwdTagSizeBytes);
+ pwdTag.resize(bufSize.tag_size);
+ memcpy(pwdTag.data(), tagData->data, bufSize.tag_size);
}
}